dbcook
commented
8 months ago There is a buffer overflow security problem here if _GPS_MAX_FIELD_SIZE could ever be exceeded on the input, so (size-1) on the strncpy 3rd arg is always good hygiene. As this repo seems to have gone inactive I'm going to grab @GioTB 's fork and use that.
I´m using the library on esp-idf on a esp32, and i´m having the following error on compile:
TinyGPSPlus/src/TinyGPS++.cpp:487:10: error: 'char strncpy(char, const char*, size_t)' specified bound 16 equals destination size [-Werror=stringop-truncation] strncpy(this->stagingBuffer, term, sizeof(this->stagingBuffer));
has i can see the strncpy on the Set method should have a "-1" size so the destination buffer always contains the null character. For now i modified it to compile by leaving the strncpy like this:
void TinyGPSCustom::set(const char *term) { strncpy(this->stagingBuffer, term, sizeof(this->stagingBuffer) - 1); } i hadded the "-1" on the size parameter, i saw the stagingBuffer and i realized that it´s size it´s +1 of _GPS_MAX_FIELD_SIZE wich i suppose it´s precisely for the null character so there shouldn´t be any problem.
If this is right, please add it to the repo!
Thanks!!!!